[ale] Cory Doctorow, right again

Tim Watts tim at cliftonfarm.org
Fri Mar 16 14:24:59 EDT 2012


I thought Apple's "good reason" for the AppStore restriction was that
you knew you were getting safe software from a reliable source.  So the
price you paid in your freedom was supposed to be worth it.  Turns out,
not so much.  Turns out, the cost to your freedom is mainly for Apple's
profits.  Now this still doesn't necessarily make FOSS safer but if I
wanted an app and I knew of a FOSS version that I trusted but wasn't
available on the AppStore then too bad for me.


On Fri, 2012-03-16 at 14:02 -0400, James Sumners wrote:
> Which all boils down to exactly what I said. Either ignore installing
> third party software altogether, or do the best you can with the time
> you have. The argument that open source is safer because you,
> yourself, can look at the code before installing it is ludicrous. If
> you have the time to do that for _every_ piece of software you
> install, then you must not be doing anything else.
> 
> On Fri, Mar 16, 2012 at 13:42, mike at trausch.us <mike at trausch.us> wrote:
> > On 03/16/2012 01:29 PM, James Sumners wrote:
> >> It has applications that are shipped with it. And you can use webapps
> >> all day long. You don't _have_ to use the AppStore. But if you do use
> >> it, then you still have to decide if you trust the developer. If you
> >> install something that seems scummy in the description (poorly
> >> translated descriptions, bad reviews, etc.) then that's on you. It
> >> isn't the fault of anyone, or anything, else.
> >
> > And what if you install a highly-rated, seemingly legitimate app that
> > does things that you aren't aware of because you have no way to possibly
> > be aware of them?
> >
> > There are security concerns with any application software on any
> > platform or device that are a mile long and simply cannot be addressed
> > by the average user.  These problems will likely never go away, unless
> > the entire world moves to a model where the source code for all software
> > becomes generally available.  And even then, you have the problems that
> > were discussed in “Reflections on Trusting Trust” (a very worthwhile
> > read if you haven't), making it almost completely impossible to sanely
> > be able to settle on any level of trust in software.  One would have to
> > take a copy of a (as Thompson calls it) "bugged" binary and examine it
> > on a system that is known to not be bugged.
> >
> > I don't know about you, but I don't have the means to create a
> > completely isolated environment in which to be able to assert such
> > levels of trust.  At least not yet; it would be possible to do but it
> > would not be really doable without a great deal of time, effort and money.
> >
> > And even then, who would be insane enough to trust anyone else to create
> > such a thing for them?  :-)
> >
> >        --- Mike
> >
> > --
> > A man who reasons deliberately, manages it better after studying Logic
> > than he could before, if he is sincere about it and has common sense.
> >                                   --- Carveth Read, “Logic”
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
> 
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20120316/0874f57e/attachment.bin 


More information about the Ale mailing list